?
Solved

NAT of WAN IP (PIX FIREWALL) to ISA 2006 (IN DMZ )to setup EXCHANGE 2007 CAS (INTERNAL LAN)

Posted on 2008-11-12
3
Medium Priority
?
506 Views
Last Modified: 2012-08-14
Hi,  SETTING UP EXCHANGE CAS (EXCH SERVER IN THE INTERNAL LAN)
I realised I need to do a NAT of WAN IP on my PIX to the public ip DMZ interface of the ISA 2006 server. Also a DNS entry to for webmail.organization.com to point to WAN IP. I would like to clarify the following:

Once I have done the NAT on the PIX - that would mean that all traffic entering our network that wanted to get to any of the 12 servers in the DMZ - would be passing through the ISA 2006 server first.?? - Is that correct? - and therefore I would need to have all the ISA 2006 rules setup to allow appropriate traffic (basically the same rule set (ON ISA) allowing from outside -> to the DMZ as I have setup on my PIX - would that be a correct assumption - thanks
0
Comment
Question by:philb19
  • 2
3 Comments
 
LVL 14

Accepted Solution

by:
dfxdeimos earned 2000 total points
ID: 22947393
Yes.

You will start off with default rules like:

From in to out any any and whatever inbound rules that you have in your setup.
0
 
LVL 1

Author Comment

by:philb19
ID: 22947481
It just occured to me - that (im not sure agian about this)
If I do that NAT ie Outside interface PIX to the DMZ interface of PIX - you say all traffic then goes through ISA. Does that mean that the traffic (all traffic) - would  then be bypassing the rule set on the PIX - and hence if I was to open all  on the ISA - I would be opening up ALL traffic to the inside LAN

I only alow 3 or 4 ports from outside to the DMZ (with the PIX rule set) - if the outside is NAT'd to the DMZ ISA - is that no longer valid - or not the case?
0
 
LVL 1

Author Comment

by:philb19
ID: 22947486
DMZ interface of PIX  ( I MEANT DMZ interface of ISA)
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes Top 9 Exchange troubleshooting utilities that every Exchange Administrator should know. Most of the utilities are available free of cost. List of tools that I am going to explain in this article are:   Microsoft Remote Con…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question